GitHub Copilot Log Injection Enables Exfiltration of Local Environment Variables
Overview
A security vulnerability was identified in the GitHub Copilot extension for Visual Studio Code that could allow for the exfiltration of sensitive data from a developer's machine. The flaw was a form of log injection. Copilot's diagnostic logging service, which sends telemetry data to GitHub, failed to properly sanitize file paths and other workspace metadata before writing them to logs. An attacker could craft a malicious repository containing files or directories with names that mimicked variable expansion syntax (e.g., `project/${env:AWS_SECRET_ACCESS_KEY}.log`). When a developer cloned and opened this repository in VS Code, the Copilot extension would scan the workspace. During this process, the malicious file path would be read and passed to the logging component. The logging library would incorrectly interpret the string as a template and interpolate the environment variable, replacing `${env:AWS_SECRET_ACCESS_KEY}` with its actual value. This sensitive information would then be written to the diagnostic log file and subsequently uploaded to GitHub's telemetry servers. An attacker with access to these logs, or a malicious insider, could harvest credentials from affected users. The issue was discovered by a security researcher who was analyzing the extension's telemetry traffic.
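To make the mechanism concrete, the following is an added example (not GitHub Copilot's code, and not the researcher's). `vulnerableFormat` stands in for a logger that runs template expansion over any string it is handed, so a workspace path becomes a channel for environment variables; `safeLog` shows the shape of the fix described in this advisory, where workspace data is recorded as literal, JSON-encoded text and never reaches a template engine. `findLeakedVariables` automates the check from the testing guide (search the log for values that should never be there). The environment map, variable names, sample values and function names are all constructed for this example.

```javascript
// Added example modelling the Copilot log-injection bug; not the extension's code.
// Only the ${env:NAME} form named in the advisory is handled here.
const ENV_TEMPLATE_RE = /\$\{env:([A-Za-z_][A-Za-z0-9_]*)\}/g;

// Vulnerable sink: expands ${env:NAME} inside the untrusted message.
// `env` is a parameter so the example runs with constructed values;
// a real logger would read process.env implicitly.
function vulnerableFormat(message, env) {
  return message.replace(ENV_TEMPLATE_RE, (whole, name) =>
    Object.prototype.hasOwnProperty.call(env, name) ? env[name] : whole
  );
}

// Hardened sink: the only fixed string is the event name chosen by the extension;
// everything derived from the workspace is serialised as data, never formatted.
// Assumes the downstream telemetry pipeline performs no further template expansion.
function safeLog(event, fields) {
  return `${event} ${JSON.stringify(fields)}`;
}

// Detection: which variables in `env` have their value appearing verbatim in `logLine`?
// Values shorter than `minLength` are skipped to avoid trivial matches such as "en";
// the threshold is this example's choice.
function findLeakedVariables(logLine, env, minLength = 4) {
  return Object.keys(env)
    .filter((name) => {
      const value = env[name];
      return typeof value === 'string' && value.length >= minLength && logLine.includes(value);
    })
    .sort();
}

// Constructed sample environment; nothing here is a real credential.
const SAMPLE_ENV = {
  USERNAME: 'alice',
  AWS_SECRET_ACCESS_KEY: 'EXAMPLEKEY-not-a-real-secret',
  LANG: 'en',
};

// A file name shaped like the one in the advisory, as it would arrive from a cloned repo.
const UNTRUSTED_PATH = 'project/${env:AWS_SECRET_ACCESS_KEY}.log';

// Runs both sinks on the same path and reports what each one leaked.
function demoLogging() {
  const leaky = vulnerableFormat(`workspace.scan path=${UNTRUSTED_PATH}`, SAMPLE_ENV);
  const safe = safeLog('workspace.scan', { path: UNTRUSTED_PATH });
  return {
    leaky,
    safe,
    leakedByVulnerable: findLeakedVariables(leaky, SAMPLE_ENV),
    leakedBySafe: findLeakedVariables(safe, SAMPLE_ENV),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(demoLogging());
}
```

Running the file prints the interpolated line from the vulnerable sink next to the literal line from the hardened one; `leakedByVulnerable` names the variable whose value ended up in the log, while `leakedBySafe` is empty. The same `findLeakedVariables` check can be pointed at a real diagnostic log together with a copy of your environment to confirm the testing-guide result without reading the log by hand.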
Affected Systems
GitHub Copilot extension for Visual Studio Code, versions earlier than 1.185.0 (the release named under Patch Details as containing the fix).
Testing Guide
1. **(Safe Test)** In a new, empty directory, create a file named `${env:USERNAME}.txt`.
2. Open this directory in VS Code with the vulnerable Copilot extension installed.
3. Open the Copilot diagnostic logs from the VS Code Output panel.
4. Search the logs for your actual username. If the string `${env:USERNAME}` has been replaced by your username, you are vulnerable.
5. **DO NOT** test this with sensitive environment variables like API keys.
Mitigation Steps
1. **Update Extension**: Ensure the GitHub Copilot extension for VS Code is updated to version 1.185.0 or later.
2. **Audit Telemetry Settings**: Review your telemetry and logging settings in VS Code and other developer tools to limit the data being sent.
3. **Be Cautious with Repositories**: Do not clone or open repositories from untrusted sources.
4. **Use Secrets Management**: Avoid storing sensitive keys and credentials in environment variables. Use a dedicated secrets manager like HashiCorp Vault, AWS Secrets Manager, or Doppler.
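Step 3 is easier to act on with a concrete pre-open check. The following is an added example (not part of this advisory and not GitHub tooling): it takes a repository's file list, for instance the output of `git ls-files` in a fresh clone, and flags every path component that carries expansion syntax a log formatter or template engine might interpret. The pattern set, the reason labels and the sample file list are this example's own; it goes slightly beyond the advisory by also flagging `%NAME%` and command-substitution forms, since the underlying risk (a formatter expanding attacker-chosen names) is not specific to one syntax.

```javascript
// Added example: audit a cloned repository's paths before opening it in an editor.
// Not part of the advisory; patterns and labels are this example's own choices.
const SUSPICIOUS_PATTERNS = [
  { reason: 'vscode-env-template', re: /\$\{env:[^}]*\}/ },   // the form named in the advisory
  { reason: 'dollar-brace-template', re: /\$\{[^}]*\}/ },     // any other ${...} template
  { reason: 'percent-expansion', re: /%[A-Za-z_][A-Za-z0-9_]*%/ }, // Windows-style %NAME%
  { reason: 'command-substitution', re: /\$\([^)]*\)|`[^`]*`/ },   // $(...) or backticks
];

// Returns the first matching reason for one path component, or null if it is clean.
// The more specific ${env:...} pattern is listed first so it wins over the generic one.
function classifyComponent(component) {
  const hit = SUSPICIOUS_PATTERNS.find((p) => p.re.test(component));
  return hit ? hit.reason : null;
}

// Audits repository-relative paths. Directory and file names are checked separately,
// so a suspicious directory name is caught even when the file inside it looks harmless.
// Each path is reported at most once, with the first offending component.
function auditPaths(paths) {
  const findings = [];
  for (const p of paths) {
    for (const component of p.split('/')) {
      const reason = classifyComponent(component);
      if (reason) {
        findings.push({ path: p, component, reason });
        break;
      }
    }
  }
  return findings;
}

// Constructed sample file list standing in for `git ls-files` output.
const SAMPLE_FILES = [
  'README.md',
  'src/index.js',
  '${env:USERNAME}.txt',
  'build/${env:AWS_SECRET_ACCESS_KEY}.log',
  'cache/%APPDATA%/state.json',
  'scripts/run-$(id).sh',
];

function demoAudit() {
  return auditPaths(SAMPLE_FILES);
}

if (typeof require !== 'undefined' && require.main === module) {
  for (const f of demoAudit()) {
    console.log(`${f.reason}\t${f.path}\t(component: ${f.component})`);
  }
}
```

On a real clone, feed it `git ls-files` output split on newlines and refuse to open the workspace, or open it with extensions disabled, when the audit returns anything. A clean result does not prove the repository is safe, only that none of the listed syntaxes appears in its paths.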
Patch Details
Patched in version 1.185.0 of the GitHub Copilot extension. The patch ensures that all data from the user's workspace is treated as literal text and is properly sanitized before being logged.